Vulnerability Description
Pointer corruption in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an unauthenticated remote user to potentially execute arbitrary WebGL code via local access.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Intel | Graphics Driver | 15.33.43.4425 |
Related Weaknesses (CWE)
References
- http://seclists.org/fulldisclosure/2019/Oct/55
- http://seclists.org/fulldisclosure/2019/Oct/56
- http://www.securityfocus.com/bid/105582Third Party AdvisoryVDB Entry
- https://support.apple.com/kb/HT210634
- https://support.apple.com/kb/HT210722
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00166.MitigationVendor Advisory
- http://seclists.org/fulldisclosure/2019/Oct/55
- http://seclists.org/fulldisclosure/2019/Oct/56
- http://www.securityfocus.com/bid/105582Third Party AdvisoryVDB Entry
- https://support.apple.com/kb/HT210634
- https://support.apple.com/kb/HT210722
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00166.MitigationVendor Advisory
FAQ
What is CVE-2018-12152?
CVE-2018-12152 is a vulnerability with a CVSS score of 7.8 (HIGH). Pointer corruption in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an unauthe...
How severe is CVE-2018-12152?
CVE-2018-12152 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-12152?
Check the references section above for vendor advisories and patch information. Affected products include: Intel Graphics Driver.